Scan data for secrets

Jenkins

4min

The Jenkins scanning integration scans the Jenkins build logs for credentials.
Configuration
﻿
Local configuration
Access Token
sources:
- connection:
    '@type': type.googleapis.com/sources.Jenkins
    basicAuth:
      password: XXXXXXXXXXXXXXXXXXXXXXXXXX
      username: scanner-account
    endpoint: https://jenkins.example.com
  name: Jenkins logs
  scanPeriod: 12h
  type: SOURCE_TYPE_JENKINS
  verify: true
sources:
- connection:
    '@type': type.googleapis.com/sources.Jenkins
    basicAuth:
      password: XXXXXXXXXXXXXXXXXXXXXXXXXX
      username: scanner-account
    endpoint: https://jenkins.example.com
  name: Jenkins logs
  scanPeriod: 12h
  type: SOURCE_TYPE_JENKINS
  verify: true
﻿
Options
Key
Description
Required
endpoint
The URI reference to Jenkins server
Yes
insecureSkipVerifyTls
Whether to skip verifying TLS on the Jenkins server. Setting this to true may pose security issues.
No
Capabilities
Feature
Supported
Scan build logs
✅
Scan artifacts
❌
Scan base64 encoded data
✅
Auto resume
✅
﻿

Key	Description	Required
endpoint	The URI reference to Jenkins server	Yes
insecureSkipVerifyTls	Whether to skip verifying TLS on the Jenkins server. Setting this to true may pose security issues.	No

Feature	Supported
Scan build logs	✅
Scan artifacts	❌
Scan base64 encoded data	✅
Auto resume	✅

Updated 24 Jun 2024

Did this page help you?

Google Drive

Jira